Facebook owner Meta Platforms Inc. is set to be handed a record European Union privacy fine for failing to heed a top court warning aimed at protecting users’ data from the prying eyes of US security services once it’s shipped to servers across the Atlantic.
(Bloomberg) — Facebook owner Meta Platforms Inc. is set to be handed a record European Union privacy fine for failing to heed a top court warning aimed at protecting users’ data from the prying eyes of US security services once it’s shipped to servers across the Atlantic.
The Irish Data Protection Commission, which oversees the EU operations of most Silicon Valley firms, will also order the social network to stop all data transfers to the US that rely on supposedly unsafe contractual clauses questioned by the bloc’s top court, according to people with the matter, who spoke on condition of anonymity.
The Meta penalty, ahead of the fifth anniversary of the EU’s General Data Protection Regulation, will eclipse the previous record, a €746 million ($807 million) fine for Amazon.com Inc., the people said.
It’s the latest round in a long—running saga that eventually saw the likes of Facebook and thousands of other companies plunged into a legal vacuum. EU judges in 2020 annulled an EU decision regulating transatlantic data flows over fears citizens’ data wasn’t safe once shipped to the US. While they didn’t strike down an alternative contractual tool, their doubts about American data protection quickly led to a preliminary order from the Irish authority telling Facebook it could no longer move data to the US via this other method either.
The company declined to comment.
A data-transfer ban has been widely expected and once prompted Menlo Park, California-based Meta to threaten a total withdrawal from the EU. The Irish decision will only target Meta’s Facebook and won’t affect other Meta services, such as Instagram, or any of the other firms that have been transferring data the same way, the people said.
Transition Period
The Irish decision will only target Meta’s Facebook and won’t affect other Meta services, such as Instagram, or any of the other firms that have been transferring data the same way, the people said.
The ban is expected to come with a transition period, and will most certainly be followed by an appeal from Meta in the Irish courts, by which time a new transatlantic data pact the EU has been negotiating with the US might have taken effect.
The Irish authority adopted the decision last week and will publish it in the coming days after Meta has had a chance to highlight potentially sensitive information, according to Graham Doyle, its deputy commissioner. He declined to comment further.
The controversy stretches back to 2013, when former contractor Edward Snowden exposed the extent of spying by the U.S. National Security Agency. Privacy campaigner Max Schrems has been challenging Facebook in Ireland — where the social media company has its European base — arguing that EU citizens’ data is at risk the moment it gets transferred to the U.S.
More stories like this are available on bloomberg.com
©2023 Bloomberg L.P.